Seminar: Security In An AI-Driven World

Event Date:

Thu, 2018-03-15 09:30 - 10:45

Location: McBryde 655
Speaker: Bimal Viswanath

Abstract:
AI based on deep neural networks (DNNs) has transformed computing as we know it. As AI tools become commoditized, and we increasingly rely on online services and devices powered by AI, it is important to understand the security risks. In this talk, I will present two research directions on this topic.
First, I will describe how AI can be used for attacks: to manipulate the information we consume online. In limited application contexts, DNNs have reached a point where they can produce sufficiently clear and correct text that is effectively indistinguishable from text produced by humans. I will show that AI programs based on Recurrent Neural Networks (RNNs) are capable of generating deceptive yet realistic-looking reviews targeting e-commerce sites, and I will also discuss defensive measures. Second, I will focus on attacks on AI systems. Transfer learning is viewed as the next big step in accelerating the adoption of AI systems. In this scheme, a small number of highly tuned centralized models are shared with the general community, and individual users further customize a model for a given application with additional training. I will present practical misclassification attacks against DNN models derived using the transfer learning services available today. As part of future plans, I will discuss the need to rethink data-driven security when considering an AI-powered adversary.

Bio:
Bimal Viswanath is a Postdoctoral Scholar at the University of California, Santa Barbara, and is currently visiting the University of Chicago. Prior to that, he was a Researcher at Nokia Bell Labs, Germany, for a year. He received his PhD (2016) and M.S. (2008) from the Max Planck Institute for Software Systems, Germany, and the Indian Institute of Technology Madras, India, respectively. He is primarily interested in security and privacy, and his recent work explores the risks posed by deep learning in different application scenarios.